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Remarks 

Reconsideration of this Application is respectfully requested. 

Claims 24-41 are pending in the application, with claim 24 being the independent 
claim. Based on the following remarks, Applicants respectfully request that the 
Examiner reconsider all outstanding objections and rejections and that they be 
withdrawn. 

Allowable Subject Matter 

Applicants acknowledge with appreciation the Examiner's indication that claims 

33-35 would be allowable if rewritten in independent form including all of the 
limitations of their base claim and any intervening claims. 

Rejections Under 35 U.S.C. S 102 

In the Office Action, claims 24-26 and 36-41 were rejected under 35 U.S.C. 

§ 102(e) as being anticipated by Gunter et al, U.S. Patent No. 6,751,728 (Gunter). 
Applicants respectfully traverse this rejection. 

To establish a prima facie case of anticipation, the Examiner must show that 
"each and every element as set forth in the claim is found, either expressly or inherently 
described, in a single prior art reference." Verdegaal Bros. v. Union Oil of California, 
814 F.2d 628, 631 (Fed. Cir. 1987). Gunter does not teach every element of Applicants' 
independent claim 24. 

Gunter describes a method and system for efficiently transmitting encrypted 
packets between a sending host on an external network and a receiving host on an 
intranet through a NAP of the intranet. (Gunter, col. 2, lines 35-40). Gunter does not 
teach or suggest "a distributor unit that distributes a plurality of packets and security 
information associated with the plurality of packets according to a distribution scheme," 
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as recited in independent claim 24. In the Office Action, the Examiner appears to equate 
either the sending host or the network access point (NAP) 70 of Gunter with a distributor 
unit. (Office Action, pp. 3, 8). In addition, the Examiner appears to equate the hash 
value 116 of the packet described in Gunter with security association information. 
Applicants respectfully disagree with these understandings. 

A security association is an agreement between two communicating entities 
defining information necessary to perform security processing on an in-bound or out- 
bound IP packet exchanged between the entities. Security association information is 
retrieved by the transmitting and/or receiving entity for each packet requiring security 
processing. "The IPSec cryptography protocol specifies two levels of lookup: Policy 
(Security Policy Database (SPD) lookup) and Security Association (Security Association 
Database (SAD) lookup). The policy look-up is concerned with determining what needs 
to be done with various types of traffic, for example, determining what security 
algorithms need to be applied to a packet, without determining the details, e.g., the keys, 
etc. The Security Association lookup provides the details, e.g., the keys, etc., needed to 
process the packet according to the policy identified by the policy lookup." 
(Specification, p. 11, line 33 - p. 12, line 4). Thus, security association information 
includes, at a minimum, the protocols used for encrypting and/or authenticating packets 
exchanged between two entities, and when specified, one or more security processing 
keys (e.g., encryption keys). 

Gunter describes the format of a packet exchanged between a sending host and 
receiving host through a NAP. Gunter does not teach or suggest that security 
information is included in a packet. The packet in Gunter includes a source address 108, 
the NAP address (destination address) 110, payload data 112, cryptographic hash value 
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116, and the receiving host intranet address 126. (Gunter, FIG. 7). The hash value is a 
numeric value determined based on the contents of the entire data structure. (Gunter, 
col. 7, lines 35-36). The protocol used to generate the hash value is known to the 
sending host and receiving host and is not transmitted with the packet. Thus, no security 
association information is included in the data packet sent from the sending host to the 
NAP. 

The NAP strips the receiving host intranet address 126 from the packet and 
replaces the NAP address in the destination field 110 with the receiving host intranet 
address. (Gunter, col. 8, lines 3-6). The NAP does not retrieve any information related 
to security processing of the packet. The NAP then forwards the modified packet to the 
receiving host 66. (Gunter, col. 8, lines 19-21). Thus, no security information is 
included in the data packet sent from the NAP to the receiving host. 

Furthermore, Gunter teaches away from the distribution of security association 
information associated with each of the plurality of packets by the sending host or the 
NAP. Specifically, Gunter states "the data portion 112 and the cryptographic hash 116 
are then encrypted using a known encryption mechanism . . . encryption may use a single 
key known to both the sending and receiving hosts or the public private key scheme." 
(Gunter, col. 7, lines 45-50). Gunter therefore teaches that the sending and receiving 
hosts hold information needed for security processing (encryption protocol, 
authentication (hash) protocol, and keys). Thus, no distribution is required. 

Furthermore, Gunter does not teach or suggest "wherein the plurality of security 
processing engines receive at least a portion of the security association information 
associated with the packets., and wherein the plurality of security processing engines 
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process the plurality of packets in parallel, " as recited in independent claim 24. Li 

support of the rejection, the Examiner uses the following passages of Gunter: 

When the receiving host receives the modified packet, it decrypts the 
encrypted portion and authenticates the packet by calculating another 
hash value based on the addresses and data in the received packet, and 
comparing this hash value with the hash value included in the packet. 
(Gunter, Col. 2, lines 4-9). 

Other input devices (not shown) may include a microphone, joystick, 
game pad, satellite dish, scanner, or the like. These and other input 
devices are often connected to the processing unit 21 through a serial 
port interface 46 that is coupled to the system bus, but may be 
connected by other interfaces, such as a parallel port, game port or a 
universal serial bus (USB). (Gunter, Col. 4, lines 31-35). 

As discussed above, Gunter does not teach or suggest the distribution of security 
association information. Furthermore, Gunter does not teach or suggest a plurality of 
security processing engines that "process the plurality of packets in parallel," as recited 
in claim 24. Gunter at most describes security processing performed by a single 
receiving host. The discussion by Gunter of the use of a parallel port to couple an input 
device to a processing unit is wholly unrelated to parallel processing of a plurality of 
packets. 

For at least the foregoing reasons, independent claim 24 is patentable over 
Gunter. Furthermore, for at least these reasons and further in view of their own features, 
claims 25, 26, and 36-41 which depend from claim 24 are patentable over Gunter. 
Reconsideration and withdrawal of the ground of rejection is therefore respectfully 
requested. 
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Rejections Under 35 U.S.C. S 103 
Gunter and Barlow 

In the Office Action, claim 27 was rejected under 35 U.S.C. § 103(a) as being 
rendered obvious by Gunter in view of Barlow, et al, U.S. Patent No. 6,038,551 
(Barlow). Applicants respectfully traverse this rejection. 

Claim 27 depends from claim 24. Barlow does not overcome all of the 
deficiencies of Gunter relative to claim 24 described above. For at least these reasons, 
and further in view of its own features, claim 27 is patentable over Gunter in view of 
Barlow. Reconsideration and withdrawal of these grounds of rejection are therefore 
respectfully requested. 

Gunter and Leung 

In the Office Action, claims 28-32 were rejected under 35 U.S.C. § 103(a) as 
being rendered obvious by Gunter in view of Leung, et al, U.S. Patent No. 6,038,551 
(Barlow). Applicants respectfully traverse this rejection. 

Claims 28-32 depend from claim 24. Leung does not overcome all of the 
deficiencies of Gunter relative to claim 24 described above. For at least these reasons, 
and further in view of their own features, claims 28-32 are patentable over Gunter in 
view of Leung. Reconsideration and withdrawal of these grounds of rejection are 
therefore respectfully requested. 

Conclusion 

All of the stated grounds of objection and rejection have been properly traversed, 
accommodated, or rendered moot. Applicants therefore respectfully request that the 
Examiner reconsider all presently outstanding objections and rejections and that they be 
withdrawn. Applicants believe that a full and complete reply has been made to the 
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outstanding Office Action and, as such, the present application is in condition for 
allowance. If the Examiner believes, for any reason, that personal communication will 
expedite prosecution of this application, the Examiner is invited to telephone the 
undersigned at the number provided. 

Prompt and favorable consideration of this Amendment and Reply is respectfully 
requested. 



Respectfully submitted, 




Sterne, Kessler, Goldstein & Fox p.l.l.c. 



Lori A. Gordon 
Attorney for Applicants 
Registration No. 50,633 



Date: August 2, 2005 



1 100 New York Avenue, N.W. 
Washington, D.C. 20005-3934 
(202) 371-2600 
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